cleantalk
Vulnerabilities and Security Researches

IP2Location Variables, CVE-2025-39455

CVE, Research URL

CVE-2025-39455

Home page URL

Security reports for IP2Location Variables

Application

IP2Location Variables

Published on
Apr 17, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in ip2location IP2Location Variables allows Reflected XSS. This issue affects IP2Location Variables: from n/a through 2.9.5.
Affected versions
Min -, max 2.9.6.
Status
vulnerable
Previous vulnerability researches
Nova Blocks by Pixelgrade (CVE-2024-8241) , Sep 11, 2024
Nova Blocks by Pixelgrade (CVE-2025-31819) , Apr 04, 2025
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025